This article is devoted to the assessment of confidence in the risk management system. The term trust in relation to information systems is practically not used nowadays. The author proposes a procedure for assessing confidence in the risk management system, which consists of four stages: compliance with the requirements of Russian legislation and national standards, assessing the optimality of the existing risk management system and reassessing risks. A description of existing methods for assessing confidence in risk management systems has been given. It is concluded that at present there are no existing requirements to the system of risk assessment even in some segments. The paper proposes to use a pre-agreed by stakeholders’ selection of criteria for assessing risks from a system of standards that describe the process of risk assessment in terms of systems engineering. The criteria and indicators used in the standards that define systems analysis are considered. Probabilistic assessment of a few indicators is taken as the basis of risk assessment: risk of violation of reliability of process implementation without regard to information protection requirements; risk of violation of information protection requirements in the process; integral risk of violation of process implementation with regard to information protection requirements. To calculate these risk indicators the investigated entities are examined in the form of a modeled system of a complex structure. A mathematical model for assessing risks in accordance with the provisions of systems engineering standards is presented.
Technologies and methods for creating systems of secure information exchange
This article presents a description of existing technologies and methods for creating secure information exchange systems. To date, secure information exchange systems are built in accordance with two technologies – VPN technology and cryptographic protocols SSL and TSL, as well as in accordance with combinations of these technologies. The necessity of creating network security systems is considered. The rapid development of network technologies leads to an equally rapid increase in information security risks for companies in both the public and private sectors. The requirements of the legislation of the Russian Federation in the field of ensuring the security of networks are presented. The principles of network security design are described. The analysis of existing projects and implementations of network security was carried out. A description of the existing and methods for constructing secure information exchange systems is given. The technologies for building secure information exchange systems based on VPN technology, as well as the algorithms for building VPN connections – PPTP, IPSec, L2TP, SSTP, OpenVPN, GOST VPN are considered. The most common technical and software information security tools that use VPN to build a secure information exchange are described – the products of the companies InfoTeKS, Security Code, S-Terra. The technology of constructing secure information exchange systems based on SSL and TLS cryptographic protocols is considered. This article identifies the most common problems in building secure information exchange systems – the presence of a large number of manufacturers of information security tools with their own ecosystem, as well as high labor, financial and time costs for ensuring the information exchange of systems of different levels of security, the security of which built on solutions from different vendors.
Application of SDR (Software Defined Radio) technology for recovery of signals of side electromagnetic radiation of video tract
This article presents the results of recovering signals of spurious electromagnetic radiation of a video path using an SDR receiver. This work demonstrates the existence of a potential risk of leakage of confidential information through a technical channel of information leakage due to spurious electromagnetic radiation of a video path, bypassing traditional cryptographic and physical methods of information protection. An attack can be carried out by an attacker without special technical knowledge and special professional expensive equipment. The presented stand makes it possible to simplify research related to spurious electromagnetic radiation, as well as to apply this technology to build a learning process in this domain. In the course of the work, a description of the concept of a technical channel of information leakage and a brief description of the side electromagnetic radiation of the video path are given. The following briefly describes the SDR technology, the selected USRP B210 receiver, and the cross-platform open source GNU Radio software package. The demonstration stand is described in detail and the results of image reconstruction are given. In addition, two stages of the development of a demonstration stand are considered: using a simulation signal and a real intercepted signal. A demonstration stand with simulation signals serves to develop a user's understanding of the properties of spurious electromagnetic radiation, as well as possible obstacles to converting an intercepted signal into an image. The studies of the real intercepted signal were carried out on a monitor with a set resolution of 1280×1024 and a screen refresh rate of 60 Hz. An analog VGA (Video Graphics Array) interface was used to connect the monitor. The dependence of the quality of the reconstructed image on the set sampling frequency of the SDR receiver is shown.
Development of a system for monitoring network traffic with filtering elements at the L2
This article proposes a network traffic monitoring system with filtering elements at the data link layer (L2) of the OSI model. This article presents the general requirements and approaches to the construction of the proposed monitoring and filtering system. The developed device is built on the basis of SDN technology, which makes it possible to create a more flexible and multifunctional network device compared to traditional network devices. In the process of developing the device, standard methods and components available to the masses were used. Under the conditions of the tasks set, a schematic diagram of the developed device based on the TE0714 TRM model board and the SFP standard transceiver is presented. It is proposed to use the device for a monitoring system with filtering elements. Network traffic monitoring is proposed to be implemented based on the SNMP protocol to collect information from critical network nodes. It is proposed to implement network traffic filtering based on a "white" list of MAC addresses to limit the list of devices that have access to the system. The practical significance of this article lies in the description of the approach to the development of a fundamental device for monitoring public and personal networks with flexibly defined additional and basic functions. The proposed device, thanks to the use of SDN technology, provides individual customization for customer requests, which means the possibility of expanding functionality without purchasing new hardware and firmware. The proposed device, due to the use of SDN technology, provides individual customization for customer requests, which means the possibility of expanding the functionality without purchasing new hardware and firmware.
Comparative analysis of modern trends in the field of traffic models of data transmission networks
To date, in matters of processing and managing network traffic, there is no single approach applicable to a wide pool of practical and applied tasks that would allow solving traffic management issues. Published works in this area are aimed at solving highly specialized problems: when applying complex solutions, these problems require the introduction of many additional parameters that increase computational complexity or solve only narrowly focused problems. This article provides a comparative analysis of classical network traffic models and reveals the possibility of practical application of such models in real-life problems. Classical traffic models are considered in detail, namely the Poisson model, heavy-tail traffic models, models based on Markov chains, traffic models based on the fractal theory and models based on stochastic time series. A mathematical description of each traffic model is also presented. Based on the results of the comparative analysis, the applicability of mathematical models to real projects was assessed. Based on it, two main problems were identified: first, the lack of consideration of the previous results of network traffic processing; secondly, the narrowly focused applicability of each of the models, given the rigid binding to subject areas, which allows solving only a narrow range of problems. The following indicators were taken as the criteria for evaluating network traffic models: the ability to scale the analyzed traffic, the ability to consider previous traffic data, computational complexity and the absence of some random features that could affect the operation of the model. A detailed study of the problem of traffic scaling revealed the main patterns, dependencies, dimensions of the traffic packet by the time it was processed.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
Contact Info
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Product
Resources
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2025 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.
